Saml2SecurityTokenHandler.CreateAuthenticationStatement Method (AuthenticationInformation, SecurityTokenDescriptor)

.NET Framework (current version)

The .NET API Reference documentation has a new home. Visit the .NET API Browser on to see the new experience.

Creates a SAML 2.0 authentication statement from the specified authentication information.

Namespace:   System.IdentityModel.Tokens
Assembly:  System.IdentityModel (in System.IdentityModel.dll)

protected virtual Saml2AuthenticationStatement CreateAuthenticationStatement(
	AuthenticationInformation authInfo,
	SecurityTokenDescriptor tokenDescriptor


Type: System.Security.Claims.AuthenticationInformation

An AuthenticationInformation object that contains the state to be wrapped as a Saml2AuthenticationStatement object.

Type: System.IdentityModel.Tokens.SecurityTokenDescriptor

The token descriptor.

Return Value

Type: System.IdentityModel.Tokens.Saml2AuthenticationStatement

A Saml2AuthenticationStatement to add to the assertion being created or null to ignore the AuthenticationInformation object (and not create a SAML 2.0 authentication statement).

Exception Condition

tokenDescriptor is null.


The Subject property of tokenDescriptor is null.


The subject of the tokenDescriptor (the Subject property) contains claims with a claim type of either AuthenticationInstant or AuthenticationMethod but does not contain at least one claim of each type.


The authentication method specified by the subject of the tokenDescriptor cannot be resolved to an absolute URI.

.NET Framework
Available since 4.5
Return to top